idnits 2.17.1 draft-ietf-6tisch-enrollment-enhanced-beacon-05.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 167 has weird spacing: '...riority this ...' == Line 175 has weird spacing: '...riority the p...' == Line 184 has weird spacing: '...riority the r...' -- The document date (September 16, 2019) is 1677 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Outdated reference: A later version (-15) exists of draft-ietf-6tisch-minimal-security-12 -- Possible downref: Non-RFC (?) normative reference: ref. 'ieee802154' ** Downref: Normative reference to an Informational RFC: RFC 8137 == Outdated reference: A later version (-30) exists of draft-ietf-6tisch-architecture-26 Summary: 1 error (**), 0 flaws (~~), 6 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 6lo Working Group D. Dujovne 3 Internet-Draft Universidad Diego Portales 4 Intended status: Standards Track M. Richardson 5 Expires: March 19, 2020 Sandelman Software Works 6 September 16, 2019 8 IEEE802.15.4 Informational Element encapsulation of 6tisch Join and 9 Enrollment Information 10 draft-ietf-6tisch-enrollment-enhanced-beacon-05 12 Abstract 14 In TSCH mode of IEEE STD 802.15.4 opportunities for broadcasts are 15 limited to specific times and specific channels. Nodes in a TSCH 16 network typically frequently send Enhanced Beacon (EB) frames to 17 announce the presence of the network. This document provides a 18 mechanism by which small details critical for new nodes (pledges) and 19 long sleeping nodes may be carried within the Enhanced Beacon. 21 Status of This Memo 23 This Internet-Draft is submitted in full conformance with the 24 provisions of BCP 78 and BCP 79. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF). Note that other groups may also distribute 28 working documents as Internet-Drafts. The list of current Internet- 29 Drafts is at https://datatracker.ietf.org/drafts/current/. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 This Internet-Draft will expire on March 19, 2020. 38 Copyright Notice 40 Copyright (c) 2019 IETF Trust and the persons identified as the 41 document authors. All rights reserved. 43 This document is subject to BCP 78 and the IETF Trust's Legal 44 Provisions Relating to IETF Documents 45 (https://trustee.ietf.org/license-info) in effect on the date of 46 publication of this document. Please review these documents 47 carefully, as they describe your rights and restrictions with respect 48 to this document. Code Components extracted from this document must 49 include Simplified BSD License text as described in Section 4.e of 50 the Trust Legal Provisions and are provided without warranty as 51 described in the Simplified BSD License. 53 Table of Contents 55 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 56 1.1. Use of BCP 14 Terminology . . . . . . . . . . . . . . . . 2 57 1.2. Layer-2 Synchronization . . . . . . . . . . . . . . . . . 2 58 1.3. Layer-3 synchronization IPv6 Router solicitations and 59 advertisements . . . . . . . . . . . . . . . . . . . . . 3 60 2. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 3 61 3. Security Considerations . . . . . . . . . . . . . . . . . . . 5 62 4. Privacy Considerations . . . . . . . . . . . . . . . . . . . 5 63 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6 64 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 65 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 66 7.1. Normative References . . . . . . . . . . . . . . . . . . 6 67 7.2. Informative References . . . . . . . . . . . . . . . . . 7 68 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 70 1. Introduction 72 [RFC7554] describes the use of the time-slotted channel hopping 73 (TSCH) mode of [ieee802154]. As further details in [RFC8180], an 74 Enhanced Beacon is transmitted during a slot designated a broadcast 75 slot. 77 1.1. Use of BCP 14 Terminology 79 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 80 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 81 "OPTIONAL" in this document are to be interpreted as described in 82 [BCP14] [RFC2119] when, and only when, they appear in all capitals, 83 as shown here. 85 Other terminology can be found in [I-D.ietf-6tisch-architecture] in 86 section 2.1. 88 1.2. Layer-2 Synchronization 90 As explained in section 6 of [RFC8180], the Enhanced Beacon has a 91 number of purposes: synchronization of ASN and Join Metric, timeslot 92 template identifier, the channel hopping sequence identifier, TSCH 93 SlotFrame and Link IE. 95 The Enhanced Beacon (EB) is used by nodes already part of a TSCH 96 network to annouce its existance. Receiving an EB allows a Joining 97 Node (pledge) to learn about the network and synchronize to it. The 98 EB may also be used as a means for a node already part of the network 99 to re-synchronize [RFC7554]. 101 There are a limited number of timeslots designated as a broadcast 102 slot by each router. These slots are rare, and with 10ms slots, with 103 a slot-frame length of 100, there may be only 1 slot/s for the 104 beacon. 106 1.3. Layer-3 synchronization IPv6 Router solicitations and 107 advertisements 109 At layer 3, [RFC4861] defines a mechanism by which nodes learn about 110 routers by listening for multicasted Router Advertisements (RA). If 111 no RA is heard within a set time, then a Router Solicitation (RS) may 112 be multicast, to which an RA will be received, usually unicast. 114 Although [RFC6775] reduces the amount of multicast necessary to do 115 address resolution via Neighbor Solicitation messages, it still 116 requires multicast of either RAs or RS. This is an expensive 117 operation for two reasons: there are few multicast timeslots for 118 unsolicited RAs; if a pledge node does not hear an RA, and decides to 119 send a RS (consuming a broadcast aloha slot with unencrypted 120 traffic), unicast RS may be sent in response. 122 This is a particularly acute issue for the join process for the 123 following reasons: 125 1. use of a multicast slot by even a non-malicious unauthenticated 126 node for a Router Solicitation may overwhelm that time slot. 128 2. it may require many seconds of on-time before a new pledge hears 129 a Router Soliciation that it can use. 131 3. a new pledge may listen to many Enhanced Beacons before it can 132 pick an appropriate network and/or closest Join Assistant to 133 attach to. If it must listen for a RS as well as find the 134 Enhanced Beacon, then the process may take a very long time. 136 2. Protocol Definition 138 [RFC8137] creates a registry for new IETF IE subtypes. This document 139 allocates a new subtype. 141 The new IE subtype structure is as follows. As explained in 142 [RFC8137] the length of the Sub-Type Content can be calculated from 143 the container, so no length information is necessary. 145 1 2 3 146 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 147 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 148 | TBD-XXX |R|P| res | proxy prio | rank priority | 149 +-+-+-+-+-+-+-+-+-+-------------+-------------+-----------------+ 150 | pan priority | | 151 +---------------+ + 152 | Join Proxy lower-64 | 153 + (present if P=1) + 154 | | 155 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 156 | | | 157 +-+-+-+-+-+-+-+-+ + 158 | network ID | 159 + variable length, up to 16 bytes + 160 ~ ~ 161 + + 162 | | 163 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 164 | | 165 +-+-+-+-+-+-+-+-+ 167 proxy priority this field indicates the willingness to act as join 168 proxy. Lower value indicates willing to act as a Join Proxy as 169 described in [I-D.ietf-6tisch-minimal-security]. Values range 0 170 (most willing) to 0x7e (least willing). A priority of 0x7f 171 indicates that the announcer should never be considered as a 172 viable enrollment proxy. Only unenrolled pledges look at this 173 value. 175 pan priority the pan priority is a value set by the DODAG root to 176 indicate the relative priority of this LLN compared to those with 177 different PANIDs. This value may be used as part of the 178 enrollment priority, but typically is used by devices which have 179 already enrolled, and need to determine which PAN to pick. 180 Unenrolled pledges MAY consider this value when selecting a PAN to 181 join. Enrolled devices MAY consider this value when looking for 182 an eligible parent device. 184 rank priority the rank "priority" is set by the 6LR which sent the 185 beacon and is an indication of how willing this 6LR is to serve as 186 an RPL parent within a particular network ID. This is a local 187 value to be determined in other work. It might be calculated from 188 RPL rank, and it may include some modifications based upon current 189 number of children, or number of neighbor cache entries available. 190 This value MUST be ignored by pledges, it is for enrolled devices 191 only. 193 R the Router Advertisement R-flag is set if the sending node will 194 act as a Router for host-only nodes that need addressing via 195 unicast Router Solicitation messages. 197 P if the Proxy Address P-flag is set, then the lower 64-bits of the 198 Join Proxy's Link Layer address follows the network ID. If the 199 Proxy Address bit is not set, then the Link Layer address of the 200 Join Proxy is identical to the Layer-2 8-byte address used to 201 originate this enhanced beacon. In either case, the layer-2 202 address of any IPv6 traffic to the originator of this beacon may 203 use the layer-2 address which was used to originate the beacon. 205 join-proxy interface ID if the P bit is set, then 64 bits (8 bytes) 206 of address are present. This field provides the suffix of the 207 Link-Local address of the Join Proxy. The associated prefix is 208 well-known as fe80::/64. 210 network ID this is an variable length field, up to 16-bytes in size 211 that uniquely identifies this network, potentially among many 212 networks that are operating in the same frequencies in overlapping 213 physical space. The length of this field can be calculated as 214 being whatever is left in the Information Element. 216 In a 6tisch network, where RPL [RFC6550] is used as the mesh routing 217 protocol, the network ID can be constructed from a SHA256 hash of the 218 prefix (/64) of the network. That is just a suggestion for a default 219 value. In some LLNs where multiple PANIDs may lead to the same 220 management device (the JRC), then a common value that is the same 221 across all PANs MUST be configured. 223 3. Security Considerations 225 All of the contents of this Information Element are sent in the 226 clear. The containing Enhanced Beacon is not encrypted. 228 The Enhanced Beagon is authenticated at the layer-2 level using 229 802.15.4 mechanisms using the network-wide keying material. Nodes 230 which are enrolled will have the network-wide keying material and can 231 validate the beacon. 233 Pledges which have not yet enrolled are unable to authenticate the 234 beacons. 236 4. Privacy Considerations 238 The use of a network ID may reveal information about the network. 239 The use of a SHA256 hash of the DODAGID, rather than using the 240 DODAGID directly provides some cover the addresses used within the 241 network. The DODAGID is usually the IPv6 address of the root of the 242 RPL mesh. 244 An interloper with a radio sniffer would be able to use the network 245 ID to map out the extend of the mesh network. 247 5. IANA Considerations 249 Allocate a new number TBD-XXX from Registry IETF IE Sub-type ID. 250 This entry should be called 6tisch-Join-Info, and should refer to 251 this document. 253 6. Acknowledgements 255 Thomas Watteyne provided extensive editorial comments on the 256 document. 258 7. References 260 7.1. Normative References 262 [BCP14] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 263 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 264 May 2017, . 266 [I-D.ietf-6tisch-minimal-security] 267 Vucinic, M., Simon, J., Pister, K., and M. Richardson, 268 "Minimal Security Framework for 6TiSCH", draft-ietf- 269 6tisch-minimal-security-12 (work in progress), July 2019. 271 [ieee802154] 272 IEEE standard for Information Technology, ., "IEEE Std. 273 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) 274 and Physical Layer (PHY) Specifications for Low-Rate 275 Wireless Personal Area Networks", n.d., 276 . 279 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 280 Requirement Levels", BCP 14, RFC 2119, 281 DOI 10.17487/RFC2119, March 1997, 282 . 284 [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, 285 "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, 286 DOI 10.17487/RFC4861, September 2007, 287 . 289 [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. 290 Bormann, "Neighbor Discovery Optimization for IPv6 over 291 Low-Power Wireless Personal Area Networks (6LoWPANs)", 292 RFC 6775, DOI 10.17487/RFC6775, November 2012, 293 . 295 [RFC8137] Kivinen, T. and P. Kinney, "IEEE 802.15.4 Information 296 Element for the IETF", RFC 8137, DOI 10.17487/RFC8137, May 297 2017, . 299 7.2. Informative References 301 [I-D.ietf-6tisch-architecture] 302 Thubert, P., "An Architecture for IPv6 over the TSCH mode 303 of IEEE 802.15.4", draft-ietf-6tisch-architecture-26 (work 304 in progress), August 2019. 306 [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., 307 Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, 308 JP., and R. Alexander, "RPL: IPv6 Routing Protocol for 309 Low-Power and Lossy Networks", RFC 6550, 310 DOI 10.17487/RFC6550, March 2012, 311 . 313 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using 314 IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the 315 Internet of Things (IoT): Problem Statement", RFC 7554, 316 DOI 10.17487/RFC7554, May 2015, 317 . 319 [RFC8180] Vilajosana, X., Ed., Pister, K., and T. Watteyne, "Minimal 320 IPv6 over the TSCH Mode of IEEE 802.15.4e (6TiSCH) 321 Configuration", BCP 210, RFC 8180, DOI 10.17487/RFC8180, 322 May 2017, . 324 Authors' Addresses 326 Diego Dujovne (editor) 327 Universidad Diego Portales 328 Escuela de Informatica y Telecomunicaciones, Av. Ejercito 441 329 Santiago, Region Metropolitana 330 Chile 332 Phone: +56 (2) 676-8121 333 Email: diego.dujovne@mail.udp.cl 334 Michael Richardson 335 Sandelman Software Works 337 Email: mcr+ietf@sandelman.ca